TrustRadius: an HG Insights company

Salt Security API Protection Platform

Score: 8.5 out of 10

6 Reviews and Ratings

What is Salt Security API Protection Platform?

For API-driven organizations, Salt Security is an API security platform that protects internal, external, and third-party APIs. The Salt C-3A Context-based API Analysis Architecture combines coverage and AI-powered big data to
  • discover APIs and exposed sensitive data - continuous and automatic discovery
  • stop attackers in their tracks - block attackers by integrating with inline devices
  • provide remediation insights - for developers to improve API security posture

According to the vendor, the Salt Platform differs from WAFs and API gateways, which cover only some APIs and operate on a narrow, single-transaction perspective, and is designed to understand the full context of APIs and users to provide complete security across the full API lifecycle.

The Salt platform deploys out of band, with no agents, and runs in cloud, on-premise and traditional or container/Kubernetes environments.

If you really need to secure your APIs then you need Salt

Use Cases and Deployment Scope

We use Salt to have a realistic view of the entire API infrastructure and possible threats to which these APIs are being subjected. We were able to have a faster and more appropriate response to potential attacks that use APIs as an attack vector. Salt addresses the need to have visibility and control over what APIs we have and how these APIs are being consumed. I consider Salt a precious platform for security teams considering the massive and constant increase in the use of APIs in the architecture of new applications.

Pros

  • Detect possible attacks on APIs
  • Gain visibility into all APIs in your infrastructure

Cons

  • Access to requests and responses from all APIs (baseline), not only those related to attacks

Most Important Features

  • Constant monitoring and alert for possible attacks based on API consumption baseline

Return on Investment

  • Salt can positively impact the API availability SLA by helping to accelerate the detection of attacks that can compromise the availability of your infrastructure.

Detailed Attacks information and good sensitive data flow control

Use Cases and Deployment Scope

Use Case: Identify anomalies and support incident response. Salt Security API Protection Platform security is integrated with SOC/SIEM tools, reporting the found attacks in order to investigate and respond. The purpose is to have a faster incident response and provide data that supports attack investigations and sensitive data flow control.

Pros

  • Sensitive data mapping
  • Detailed Attacks Reporting
  • Integration with SOC/SIEM tools

Cons

  • The platform could have more options for exporting detailed data from attackers' dashboards.
  • The Attackers dashboard could also have more options of filters in order to support the investigations of the attack.
  • The OAS analysis could present a more detailed view of the found issues.

Most Important Features

  • Detailed Attacks information
  • Integration with SOC/SIEM Tools
  • Sensitive data control

Return on Investment

  • Salt Security API Protection Platform has provided detailed information that is helping us to identify and investigate attacks in our environment

API Security made easy with Salt [Security API Protection Platform]

Pros

  • Easy deployment
  • Excellent visibility into activity on APIs
  • Inventory! It helps you find things you didn't know you had

Cons

  • Some customized deployments can be difficult
  • Reporting functionality across the enterprise and not just per environment needs to be improved
  • Better attack handling options needed

Most Important Features

  • Inventory
  • API monitoring
  • SDLC integration

Return on Investment

  • The inventory of API assets and volume of calls was not available previously

Salt review

Use Cases and Deployment Scope

We use Salt Security API Protection Platform as our provider of information about data consumption via API and call management at application endpoints, considering PII tracking and access patterns of eventual attackers (by IP address, authorization type, etc.). In addition, Salt Security API Protection Platform provides us with a productivity gain related to the alerts generated and intelligence embedded in the analysis of possible vulnerabilities or threats.

Pros

  • List of API callers
  • Alert triage for suspicious behaviors
  • PII identification

Cons

  • Consolidation reports about APIs accessing profiles.
  • Swagger for programming APIs.

Most Important Features

  • Alerting
  • Attack identification
  • PII identification

Return on Investment

  • Productivity
  • Accuracy
  • Management of volume calls

API traffic compliance and security visibility

Use Cases and Deployment Scope

Salt provides visibility on our API traffic, allowing us to proactively identify PII, differences between API documentation (swagger files) and real traffic, alerts in situations that indicate a potential attacker, allowing us to take countermeasures, and suggestions on improvements (missing important HTTP headers, endpoints lacking authorization, etc.). Given the number of endpoints we have and the traffic we have, it would be really difficult to get these insights without Salt.

Pros

  • PII identification in API traffic.
  • Divergence between API traffic and documentation (swagger files).
  • Potential attacks with information to take countermeasures.

Cons

  • Reporting - more flexible ways to get information.
  • API documentation in order to interact with the platform.

Most Important Features

  • PII identification.
  • Traffic analysis to get insights on improvements and potential attackers.

Return on Investment

  • Helped to keep us compliant with most privacy regulations.